Solved

newly created DNS set up to automatically replicate with a dns server at remote site that it doesn't have a connection to

Posted on 2013-10-30
5
467 Views
Last Modified: 2013-10-30
We have a main site with 2 dns 2008r2 servers that replicate to dns/ad servers at remote sites and they have a vpn tunnel to every site.
There are tunnels built via cisco ASA between the sites, but there is not a tunnel between every site.
I added a new DNS to a remote site on server 2003. It automatically generated an NTDS Settings in AD sites and Services to replicated with our main server at the main site but also a dns at the remote site that it does not have a vpn tunnel to. Therefore I am getting replication errors.  I was always told to not mess with the automatically generated ones, so is it okay to delete this?
0
Comment
Question by:jtano
  • 3
  • 2
5 Comments
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39612178
You need to create AD sites and service topology as per physical connectvity.It seem you have hub and spoke topology.See below thread how to create the same.

http://social.technet.microsoft.com/Forums/windowsserver/en-US/c92ba0ed-4652-4098-bdcf-8b9f8803c9aa/site-link-bridge?forum=winserverDS
0
 

Author Comment

by:jtano
ID: 39612533
So on the new server I went under Inter site Tansports and under IP where my dafaultIPSITELINK is I clicked to add a new Site link and in this link just put the remote site rr and the main site cc in.  In the default site link I took out the remote rr so it won't try to replicate with the remote site V v. Now I just wait for it to replicate. Does this sound correct?
0
 

Author Comment

by:jtano
ID: 39612548
I guess I should ask if I disable the site link bridge do I need to manually set up the ones that are already replicating correctly ( it is enabled now) or doing the way I said above will that work okay without disabling?
0
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 500 total points
ID: 39612840
Lets assume you have 4 site Site A/B/C/D and site A is hub site.So the topology will look like this

- Create site for all four site A,SiteB...
- Create site link a below(Add the two sites in each specific connector).
SiteA- SiteB
SiteA-SiteC
SiteA-SiteD
-Disable bridging:http://technet.microsoft.com/en-us/library/cc738789(v=ws.10).aspx
- Ensure that you also create subnets and map to specific.

Once done wait for replication kcc will create the required topology.If you have created any manual connection delete the same as it is not recommended.http://blogs.technet.com/b/markmoro/archive/2011/08/05/you-are-not-smarter-than-the-kcc.aspx
0
 

Author Comment

by:jtano
ID: 39613165
Okay. I was confused becuase it was alrady disabled for IP but it set up a replication to a server it can't reach?  I think its good now thanks for the links they were very helpful.
I set up a new link and deleted the bad one. At least its replicating now.
Thanks
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question